3 matches found
Microsoft Outlook Express Windows Address Book File Overflow (MS06-016; CVE-2006-0014)
Microsoft Outlook Express OE is an email, newsgroup and address book management client application. The application includes a stand-alone component called Address Book that manages the address book entries. An Address Book can contain entries for individual contacts as well as group lists that...
ZDI-06-007: Microsoft Windows Address Book (WAB) File Format Parsing Vulnerability
ZDI-06-007: Microsoft Windows Address Book WAB File Format Parsing Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-007.html April 11, 2006 -- CVE ID: CVE-2006-0014 -- Affected Vendor: Microsoft -- Affected Products: Windows XP SP2 Windows 2000 SP4 -- TippingPointTM IPS Customer...
CVE-2006-0014
The CVE-2006-0014 entry maps to Microsoft Outlook Express (OE) using the Windows Address Book (.wab) file. The underlying flaw is an unchecked buffer/heap corruption caused by parsing malformed .wab files, specifically due to modifications of Unicode string lengths during WAB parsing. This can al...